T-Mobile network hacked by 17-year-old to access unlimited data

According to Ars Technica, Jacob Ajit, a student at Thomas Jefferson High School for Science and Technology, managed to gain unlimited access to 4G internet while he was playing around with a T-Mobile prepaid device.

The T-Mobile pre-paid SIM cards allow users to update their account and purchase additional service without having to visit a T-Mobile store or log onto their account from a Wi-Fi network. While this sounds convenient, it has an issue. What if the user’s pack expires and they want to recharge their data? The device will need access to T-Mobile’s network to make the purchase transaction.

So basically these pre-paid SIM cards allow you to connect to the internet at all times, but of course this access is blocked and only allows a user to access their T-Mobile member portal unless they’ve paid for active service.

The teenager found that the Speedtest app still worked even though the device’s pre-paid period had expired. After tinkering with Speedtest on both the mobile device and his MacBook while using mitmproxy, he realized that all the data hosted to test internet speeds contained “/speedtest” in the URL.

He then discovered that he could reach these files outside of the Speedtest app by using the smartphone’s browser, even though access was restricted to account-relevant T-Mobile sites. He also discovered that he could publish content on the internet containing “/speedtest” in its web address, and he could access all of this content as well. Ajit then set up a remote server that contained “/speedtest” in its web address. By running all of his browsing through that server, he gained access to the internet via T-Mobile’s 4G network from a non-active device.

While he hasn’t received a response from T-Mobile itself, he has posted his findings to Medium because he thinks that the issue can be fixed easily.
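
An added example, not from the original article or from T-Mobile: a Python sketch of the kind of URL rule the behaviour above implies, next to a rule keyed on the destination host. The hostnames and function names are hypothetical; the page does not describe T-Mobile's actual filter.

```python
from urllib.parse import urlsplit

# Hypothetical values: the page gives no real filter rules or hostnames.
PORTAL_HOSTS = {"portal.carrier.example"}
SPEEDTEST_HOSTS = {"speedtest.carrier.example"}


def weak_allows(url: str) -> bool:
    """Flawed rule matching the described behaviour: any URL containing '/speedtest' passes."""
    return "/speedtest" in url or urlsplit(url).hostname in PORTAL_HOSTS


def hardened_allows(url: str) -> bool:
    """Decide on the destination host first; the path only narrows what is allowed there."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if host in PORTAL_HOSTS:
        return True
    if host in SPEEDTEST_HOSTS:
        return parts.path == "/speedtest" or parts.path.startswith("/speedtest/")
    return False


# Constructed sample requests from a device with no active plan.
SAMPLES = [
    "https://portal.carrier.example/account/refill",
    "http://speedtest.carrier.example/speedtest/random4000x4000.jpg",
    "http://third-party.example/speedtest/index.html",
    "http://third-party.example/page?x=/speedtest",
    "http://speedtest.carrier.example/other",
]


def compare(urls):
    """Return (url, weak_decision, hardened_decision) for each URL."""
    return [(u, weak_allows(u), hardened_allows(u)) for u in urls]


if __name__ == "__main__":
    for url, weak, hard in compare(SAMPLES):
        print(f"weak={'ALLOW' if weak else 'BLOCK'} hardened={'ALLOW' if hard else 'BLOCK'}  {url}")
```

For HTTPS traffic an in-path filter normally sees only the hostname, not the path, which is a further reason to base the decision on the host.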